Charter for Working Group

This working group will standardize encodings for DNS queries and responses that are suitable for use in HTTPS. This will enable the domain name system to function over certain paths where existing DNS methods (UDP, TLS [RFC 7857], and DTLS [RFC 8094]) experience problems.

The working group will re-use HTTPS methods, error codes, and other semantics to the greatest extent possible. The use of HTTPS and its existing PKI provides integrity and confidentiality, and it also allows interoperation with common HTTPS infrastructure and policy.

The primary focus of this working group is to develop a mechanism that provides confidentiality and connectivity between DNS clients (e.g., operating system stub resolvers) and recursive resolvers. While access to DNS-over-HTTPS servers from JavaScript running in a typical web browser is not the primary use case for this work, precluding the ability to do so would require additional preventative design. The working group will not engage in such preventative design.

The working group will analyze the security and privacy issues that could arise from accessing DNS over HTTPS. In particular, the working group will consider the interaction of DNS and HTTP caching.

The working group will coordinate with the DNSOP and INTAREA working groups for input on DNS-over-HTTPS's impact on DNS operations and DNS semantics, respectively. In particular, DNSOP will be consulted for guidance on the operational impacts that result from traditional host behaviors (i.e., stub-resolver to recursive-resolver interaction) being replaced with the specified mechanism.

Specification of how DNS-formatted data may be used for use cases beyond normal DNS queries is out of scope for the working group.

The working group may define mechanisms for discovery of DOH servers similar to existing mechanisms for discovering other DNS servers if the chairs determine that there is both sufficient interest and working group consensus.

The working group will use draft-hoffman-dispatch-dns-over-https as input.

Milestones

Date      Milestone
Sep 2019  Submit Resolver Associated DoH to the IESG
Jul 2019  Resolver Associated DoH Last Call
Done      Submit specification for performing DNS queries over HTTPS to the IESG for publication as PS